Many websites needing to restrict access to content want to encourage social media sharing of content from their websites, while also protecting the rest of the website’s content through a paywall. Under the First Click Free principle, visitors following links to content on your website can view an initial article for free, but clicking through to secondary links results in content being hidden behind access restrictions, such as a sign-in screen or paywall.

Cloud Platform supports the creation of sign-in screens or paywalls for content by adding a X-UA-FCF header with the value of allow to all traffic originating from the following websites:

• Google

• Facebook

• LinkedIn

Cloud Platform always adds the X-UA-FCF header to traffic originating from these websites, but no restrictions are placed on content access without additional configuration on your part. Add the following HTTP response header, either through custom code or the HTTP Response Headers module, to the HTTP response headers sent by your application:

X-UA-FCF-Enabled: 1

This header instructs Varnish® to append the X-UA-FCF header to your application’s Vary header before caching, enabling Varnish to cache responses with allow differently than responses containing deny.

For more information about other HTTP headers provided by Cloud Platform, see Varnish headers.